package com.qf.web.controller;

import com.qf.pojo.R;
import com.qf.pojo.User;
import com.qf.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserService userService;

    @PostMapping("/login")
    public R login(@RequestBody User user, HttpServletRequest req){
        User loginUser = userService.login(user);

        if (loginUser == null){
            //登录失败
            return R.error("用户名或密码错误");
        }else{
            //登录成功 - 存入session + 返回
            req.getSession().setAttribute("user",loginUser);

            //将敏感信息进行脱敏处理
            loginUser.setPassword("");
            return R.success(loginUser);
        }
    }
}
